{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-9088","assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","state":"PUBLISHED","assignerShortName":"VulDB","dateReserved":"2024-09-22T15:25:58.534Z","datePublished":"2024-09-22T22:00:09.006Z","dateUpdated":"2024-09-23T14:59:16.607Z"},"containers":{"cna":{"providerMetadata":{"orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB","dateUpdated":"2024-09-22T22:00:09.006Z"},"title":"SourceCodester Telecom Billing Management System login buffer overflow","problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-120","lang":"en","description":"Buffer Overflow"}]}],"affected":[{"vendor":"SourceCodester","product":"Telecom Billing Management System","versions":[{"version":"1.0","status":"affected"}]}],"descriptions":[{"lang":"en","value":"A vulnerability has been found in SourceCodester Telecom Billing Management System 1.0 and classified as critical. This vulnerability affects the function login. The manipulation of the argument uname leads to buffer overflow. The exploit has been disclosed to the public and may be used."},{"lang":"de","value":"In SourceCodester Telecom Billing Management System 1.0 wurde eine kritische Schwachstelle gefunden. Das betrifft die Funktion login. Durch Beeinflussen des Arguments uname mit unbekannten Daten kann eine buffer overflow-Schwachstelle ausgenutzt werden. Der Exploit steht zur öffentlichen Verfügung."}],"metrics":[{"cvssV4_0":{"version":"4.0","baseScore":5.3,"vectorString":"CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N","baseSeverity":"MEDIUM"}},{"cvssV3_1":{"version":"3.1","baseScore":6.3,"vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseSeverity":"MEDIUM"}},{"cvssV3_0":{"version":"3.0","baseScore":6.3,"vectorString":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseSeverity":"MEDIUM"}},{"cvssV2_0":{"version":"2.0","baseScore":5.8,"vectorString":"AV:A/AC:L/Au:N/C:P/I:P/A:P"}}],"timeline":[{"time":"2024-09-22T00:00:00.000Z","lang":"en","value":"Advisory disclosed"},{"time":"2024-09-22T02:00:00.000Z","lang":"en","value":"VulDB entry created"},{"time":"2024-09-22T17:31:14.000Z","lang":"en","value":"VulDB entry last update"}],"credits":[{"lang":"en","value":"shikang (VulDB User)","type":"reporter"}],"references":[{"url":"https://vuldb.com/?id.278266","name":"VDB-278266 | SourceCodester Telecom Billing Management System login buffer overflow","tags":["vdb-entry","technical-description"]},{"url":"https://vuldb.com/?ctiid.278266","name":"VDB-278266 | CTI Indicators (IOB, IOC, IOA)","tags":["signature","permissions-required"]},{"url":"https://vuldb.com/?submit.411854","name":"Submit #411854 | SourceCodester Telecom Billing Management System in C++ with Source Code 1.0 Buffer Overflow","tags":["third-party-advisory"]},{"url":"https://github.com/CveSecLook/cve/issues/61","tags":["exploit","issue-tracking"]},{"url":"https://www.sourcecodester.com/","tags":["product"]}]},"adp":[{"affected":[{"vendor":"sourcecodester","product":"telecom_billing_management_system","cpes":["cpe:2.3:a:sourcecodester:telecom_billing_management_system:*:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"1.0","status":"affected"}]}],"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-09-23T14:57:49.755530Z","id":"CVE-2024-9088","options":[{"Exploitation":"poc"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-09-23T14:59:16.607Z"}}]}}